Azure Functions rely on Azure App Service for their authentication needs. App Service has rich authentication features where clients can use OpenConnectID for authentication and OAuth for authentication. Users can be authenticated using Azure Active Directory, Facebook, Google, Twitter, or Microsoft accounts:

Azure Functions that are based on HTTP can also incorporate the use of keys, which should be sent along with HTTP requests: 

The following keys are available from the Manage tab in Azure Functions:

• Function keys: Allows authorization to individual Functions. These keys should be sent as part of the HTTP request header.
• Host keys: Allows authorization to all Functions within a function app. These keys should be sent as part of the HTTP request header.
• Default keys: Used when using function and host keys. There is an additional host key named _master that helps in administrative access to the Azure Functions runtime API.